- Amanda Palmer dragged for ‘demanding’ coverage of her music Thursday 8:33 PM
- How to get free TikTok followers without downloading a virus Thursday 7:57 PM
- Trump Jr.s ‘Triggered’ topped best-seller’s list with help of RNC Thursday 7:41 PM
- FBI raided millionaire YouTuber’s home, allegedly took everything Thursday 6:55 PM
- A fake Labour party website is spreading disinformation in Britain Thursday 6:16 PM
- Twitter bans cricket club for posting ISIS content in apparent hack Thursday 6:12 PM
- This dad remade his daughter’s NSFW photo—and people are loving it Thursday 5:51 PM
- Teen allegedly posted ‘slave for sale’ Craigslist ad featuring his Black classmate Thursday 5:28 PM
- People are crushed that this teen love story might be a TikTok ‘joke’ Thursday 4:50 PM
- Is Jacob Wohl evading his Twitter ban with Jack Burkman’s account? Thursday 2:06 PM
- Biden’s most perplexing debate answers, explained Thursday 2:03 PM
- How to stream Colts vs. Texans on Thursday Night Football Thursday 12:52 PM
- Netflix drops ‘A Christmas Prince: The Royal Baby’ trailer Thursday 12:43 PM
- Uber says it will audio-record rides to address safety concerns Thursday 12:41 PM
- ‘Avengers: Endgame’ writers go in-depth on how they decided which superheroes lived and died Thursday 12:22 PM
Hackers hit CurrentC, Apple Pay’s main competitor
This isn’t a good sign, except maybe for Apple.
CurrentC, the mobile payment service that is challenging Apple Pay with funding from the largest U.S. retailers, has already been hacked, according to the Merchant Customer Exchange (MCX).
In an email sent on Wednesday to participants in CurrentC’s pilot program, MCX said unauthorized third parties had obtained the e-mail address of CurrentC users, though no other information was taken. The email also warned recipients of possible phishing attempts stemming from the theft.
“In an abundance of caution, we wanted to make you aware of this incident and urge you not to open links or attachments from unknown third parties,” MCX said. According to Mashable, MCX claims that the CurrentC app itself was not affected.
CurrentC, which is now in the beta-testing phase, uses QR codes to process payments at the register, unlike Apple Pay, which uses near-field communication (NFC) technology. Tech-watchers have raised questions about the wisdom of generating QR codes that link to consumers’ bank accounts, as CurrentC does. Apple Pay’s NFC system, meanwhile, is said to be more secure because it uses tokenization, replacing credit card information with a different number, called a token, generated by a secured cryptographic function.
Screengrab via CurrentC app
Analysts anticipate that CurrentC, which is set to launch in 2015, will see widespread use in the United States. Participating retailers are already taking steps to prevent their customers from using Apple Pay. Last week, Rite Aid and CVS, both members of the MCX consortium, disabled Apple Pay-compatible NFC equipment in their stores.
According to Business Insider, neither pharmacy will allow customers to use Google Wallet either, even though Google’s mobile payment system has been around for over two years.
— Adam (@Afbar1114) October 29, 2014
Unnamed sources at multiple MCX retailers told the New York Times this week that they signed a contract with MCX and faced “steep fines” for accepting mobile payments from CurrentC competitors such as Apple Pay.
MCX denied the existence of any such fines and claimed that retailers are simply not allowed to use their service and accept Apple Pay. “When merchants choose to work with MCX, they choose to do so exclusively and we’re proud of the long list of merchants who have partnered with us,” MCX said on its website.
“Importantly, if a merchant decides to stop working with MCX, there are no fines” (emphasis in original).
MCX counts among its members some of the nation’s largest retailers, many of whom have already fallen victim to cyberattacks targeting point-of-sale (POS) systems, including WalMart, Target, GAP, and Best Buy.
Update 6pm ET, 10.29.14: MCX CEO Dekkers Davidson defended CurrentC’s security during a conference call late Wednesday afternoon. He emphasized that the recent attack was “not a breach” of the CurrentC app itself and added that mostly dummy email addresses were affected. Moreover, Davidson repeated that MCX member retailers would not be penalized for adopting Apple Pay alongside CurrentC. “We have a great deal of respect for Apple, of course, and Apple Pay,” Davidson said. “We believe and our merchants believe we require two to three strong players in the space to build the ecosystem.” (h/t TIME)
Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.